A New Approach for Hiding Policy and Checking Policy Consistency

Author

Zou, Deqing ; Liao, Zhensong

Author_Institution

Sch. of Comput. Sci. & Technol., Huazhong Univ. of Sci. & Technol., Wuhan

fYear

2008

fDate

24-26 April 2008

Firstpage

237

Lastpage

242

Abstract

Automated trust negotiation (ATN) is a new means to establish trust relationship through the mutual exchange of access control policy and credentials in the open and distributed environments. In ATN, access control policy plays a key role in protecting resources from unauthorized access. In practice, a policy may contain sensitive information, and its disclosure may cause damages. In order to protect the sensitive policy or its content, the policy is usually designed complex. Even worse, the policy may be self contradictory, which would lead the negotiation to fail. To solve such a problem, a new approach for checking policy consistency is proposed in the paper. In the approach, we analyze why the policy inconsistency happens and specify how to avoid it by simplifying a compound policy. Meanwhile, the approach is proved useful to hide policy by presenting some useful theorems to generate minimal policy set and credential set.

Keywords

authorisation; data encapsulation; access control policy; automated trust negotiation; checking policy consistency; credential set; hiding policy; minimal policy set; unauthorized access; Access control; Application software; Computer science; Grid computing; Information security; Internet; National security; Privacy; Protection; Resource management; Policy Consistency; trust negotiation;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Security and Assurance, 2008. ISA 2008. International Conference on

Conference_Location

Busan

Print_ISBN

978-0-7695-3126-7

Type

conf

DOI

10.1109/ISA.2008.39

Filename

4511569